[OE-core] [meta][PATCH 06/09] linux-yocto/6.18: update CVE exclusions (6.18.7)

[Bruce Ashfield via lists.openembedded.org]

From: Bruce Ashfield <bruce.ashfi...@gmail.com>

Data pulled from: https://github.com/CVEProject/cvelistV5

    1/1 [
        Author: cvelistV5 Github Action
        Email: github_act...@example.com
        Subject: 10 changes (10 new | 0 updated): - 10 new CVEs: 
CVE-2025-11065, CVE-2025-11687, CVE-2025-14459, CVE-2025-14525, CVE-2025-14969, 
CVE-2025-9520, CVE-2025-9521, CVE-2025-9522, CVE-2026-0810, CVE-2026-1190 - 0 
updated CVEs:
        Date: Mon, 26 Jan 2026 19:39:25 +0000

    ]

Signed-off-by: Bruce Ashfield <bruce.ashfi...@gmail.com>
---
 .../linux/cve-exclusion_6.18.inc              | 118 +++++++++++++++++-
 1 file changed, 114 insertions(+), 4 deletions(-)

diff --git a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc 
b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
index 38f260d231..a29732706e 100644
--- a/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
+++ b/meta/recipes-kernel/linux/cve-exclusion_6.18.inc
@@ -1,11 +1,11 @@
 
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at 2026-01-22 14:32:14.186712+00:00 for kernel version 6.18.6
-# From linux_kernel_cves cve_2026-01-22_1400Z
+# Generated at 2026-01-26 19:48:18.296749+00:00 for kernel version 6.18.7
+# From linux_kernel_cves cve_2026-01-26_1900Z-2-g425a25ddf37
 
 
 python check_kernel_cve_status_version() {
-    this_version = "6.18.6"
+    this_version = "6.18.7"
     kernel_version = d.getVar("LINUX_VERSION")
     if kernel_version != this_version:
         bb.warn("Kernel CVE status needs updating: generated for %s but kernel 
is %s" % (this_version, kernel_version))
@@ -20158,7 +20158,7 @@ CVE_STATUS[CVE-2025-71072] = "cpe-stable-backport: 
Backported in 6.18.3"
 
 CVE_STATUS[CVE-2025-71073] = "cpe-stable-backport: Backported in 6.18.3"
 
-CVE_STATUS[CVE-2025-71074] = "cpe-stable-backport: Backported in 6.18.3"
+# CVE-2025-71074 needs backporting (fixed from 6.19rc1)
 
 CVE_STATUS[CVE-2025-71075] = "cpe-stable-backport: Backported in 6.18.3"
 
@@ -20300,7 +20300,117 @@ CVE_STATUS[CVE-2025-71143] = "cpe-stable-backport: 
Backported in 6.18.4"
 
 CVE_STATUS[CVE-2025-71144] = "cpe-stable-backport: Backported in 6.18.5"
 
+# CVE-2025-71145 has no known resolution
+
+CVE_STATUS[CVE-2025-71146] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71147] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71148] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71149] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71150] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71151] = "cpe-stable-backport: Backported in 6.18.3"
+
+CVE_STATUS[CVE-2025-71152] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71153] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71154] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71155] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71156] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71157] = "cpe-stable-backport: Backported in 6.18.4"
+
+CVE_STATUS[CVE-2025-71158] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2025-71159] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2025-71160] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2025-71161] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2025-71162] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2025-71163] = "cpe-stable-backport: Backported in 6.18.7"
+
 CVE_STATUS[CVE-2026-22976] = "cpe-stable-backport: Backported in 6.18.6"
 
 CVE_STATUS[CVE-2026-22977] = "cpe-stable-backport: Backported in 6.18.6"
 
+CVE_STATUS[CVE-2026-22978] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22979] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22980] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22981] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22982] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22983] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22984] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22985] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22986] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22987] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22988] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22989] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22990] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22991] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22992] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22993] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22994] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22995] = "cpe-stable-backport: Backported in 6.18.6"
+
+CVE_STATUS[CVE-2026-22996] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-22997] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-22998] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-22999] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23000] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23001] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23002] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23003] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23004] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23005] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23006] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23007] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23008] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23009] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23010] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23011] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23012] = "cpe-stable-backport: Backported in 6.18.7"
+
+CVE_STATUS[CVE-2026-23013] = "cpe-stable-backport: Backported in 6.18.7"
+
-- 
2.43.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#230650): 
https://lists.openembedded.org/g/openembedded-core/message/230650
Mute This Topic: https://lists.openembedded.org/mt/117678899/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-